Tips to help spot a scam email

By Berin LautenbachJune 15, 2018

Email is a great tool. It’s quick, available 24/7 and can be accessed from almost anywhere. However, those same conveniences are also afforded to scammers, who regularly use email to target their victims. Scammers also typically impersonate well-known companies – including Telstra – to make their scam emails more convincing.

What are scam emails?

Scam emails generally fall into two categories:

Those that ask you to provide personal or sensitive information (phishing), or

Those that include attachments or links intended to install malicious software (malware) on your device.

Ultimately, scams come in all shapes and sizes – some ask for personal or financial information, and some come with hidden nasties like malware. Regardless of what category they fall into, they’ll often impersonate legitimate company communications – like Telstra bills or correspondence – in an attempt to make them more convincing and trick the reader into providing the information, opening the attachment, or clicking the link.

What should I look out for?

It’s important to note that while these kinds of scams have evolved over time, the tips on how to protect yourself remain the same.

Listen to your gut. If you encounter something unsolicited, unexpected, too good to be true, or coercive, or anything that asks for personal or financial information, double and then triple check it by asking others, calling up the organisation on its official number or searching online for any background information on the sender or offer.

Beware of unsolicited requests for sensitive information – don’t open attachments or click on embedded links in emails or sites you don’t know or trust.

Pay close attention to the sender’s email address and any links in emails for anything that doesn’t look legitimate.

Never respond to a request for personal or financial information in an unexpected email.

Make sure you always apply the latest updates to all your devices and software.

If a phishing email contains information like an account number, cross check that the details correspond with the details on a previous official email.

Be suspicious of unaddressed or generically addressed emails, such as “Dear Customer”.

Beware of emails that include a zip file, an .exe or other suspicious attachment.

What should I do if I think I’ve received a scam email?

If you get a suspicious email, don’t reply to the email or open attachments or links.

If you do click on a link in an email and are directed to a website, do not enter any personal or financial information onto the site.

If you’ve received a scam email that looks like it’s from Telstra, tell us about the scam by submitting a Report Misuse of Service form and include as much detail as you can. Our Cyber Security team will investigate the report and may be in touch if they have additional questions.

If you do open an attachment or click on a link, make sure that your computer’s operating system and anti-virus software is up to date. Consider running an anti-virus scan of your computer.

What should I do if I think I’ve been a victim of a scam?

If you believe you have become a victim of a scam, there are a few tips we recommend to help you get things back under your control:

Stay calm. As frustrating as it is to learn that you may be at risk, keeping focussed and calm will help you manage your response properly.

Think carefully about what information, or access, you may have provided to criminals. Take an inventory and write down what you remember sharing or entering into any fraudulent web sites.

If you provided banking or other financial details such as a credit card number, contact your financial institution immediately. Be sure to monitor your accounts closely in the future as well.

If you provided any usernames or passwords, immediately change your passwords to a new and secure version.

If you’ve shared other personally sensitive information, such as your driver’s license number, Medicare, passport or contact details (such as your phone number or address), then you may want to visit IDCare at https://www.idcare.org – they can help you formulate a response plan to address potential identity theft.

If you think you have been compromised by malicious software, spyware or a virus, our Telstra Platinum team can provide advice. And they can help you detect, remove, and protect your devices with Telstra protection services or by configuring what you already have. Call 13 75 87 or for more information visit telstra.com/platinum.

Berin joined Telstra in 2015 with more than 24 years experience in cyber security. He has an extensive and diverse background having started his career at the Department of Defence before moving into the private sector where he worked for large companies including NAB and GE Capital. Berin loves the big cyber security challenges and bringing together a team of great minds to protect customer and corporate data and the Telstra network.